The Design and Analysis of Secure Communication Protocols for the Computer Network
博士 === 國立成功大學 === 資訊工程學系 === 86 === As computer networks prevail, communications between people are becomingmore convenient than ever. With the progress of National InformationInfrastructure (NII), many innovative applications, such as internetshopping, t...
Main Authors: | , |
---|---|
Other Authors: | |
Format: | Others |
Language: | zh-TW |
Published: |
1998
|
Online Access: | http://ndltd.ncl.edu.tw/handle/40060635925750375201 |
id |
ndltd-TW-086NCKU1392006 |
---|---|
record_format |
oai_dc |
spelling |
ndltd-TW-086NCKU13920062015-10-13T11:06:13Z http://ndltd.ncl.edu.tw/handle/40060635925750375201 The Design and Analysis of Secure Communication Protocols for the Computer Network 電腦網路安全通訊協定之設計與研究 Wang, Chih-Hung 王智弘 博士 國立成功大學 資訊工程學系 86 As computer networks prevail, communications between people are becomingmore convenient than ever. With the progress of National InformationInfrastructure (NII), many innovative applications, such as internetshopping, teleconference, distance learning , remote medical service, etc.,have been constructed and many more are also on the way. We actually benefits from these applications in daily life. However, the security problems in the network, e.g., eavesdropping, tampering and impersonation, should be carefully considered. An intruder can easily manipulate important information and eventually the society will suffer a lot if communications over the networks fail to follow well-designed secure protocols. Identification and key distribution have been the two fundamental issues of secure communications. When a user wants to login to the server or require the server to provide some services, the server must verify the user''s identity. The purpose of identification is to protect the right of legal user and guard against the impersonation attacks. Previously, the password technology was very popular. Nowadays, many new techniques such as IC card, fingerprint, retinal analysis and human identification, have been proposed to enhance the efficiency and security of the systems. In addition, creating a secure channel in the open network requires the key distribution procedure. Therefore, designing an efficient and practical key distribution protocol between two persons or groups, or in a conference, is critical. This dissertation is divided into three parts: (a) the communication security in personal communication, (b) the communication security in group-oriented communication, and (c) the communication security in teleconferencing. In (a), we study the "Human Identification ", which is a scheme that the computational complexity of the identification process for the end user is bounded to the human''s ability. Such scheme has to protect against the "replay attack" and "peeping attack". Here, we have investigated the securityof human identification scheme and proposed several attacks on it. In addition, we have analyzed the key distribution scheme with "multiple authentication servers", which was designed by Gong in 1993. A modified scheme have been proposed to increase the performance. In (b), we try to propose a new group-oriented cryptosystem and a modified DSS threshold signature scheme. The former uses the key exchange protocol of Diffie-Hellman to reduce the cost of transmissions and computations. The latter modifies Langford''s threshold DSS signature scheme to reduce the number of signers. In addition, for the purpose of message authentication within a group, we propose an unconditionally secure authentication scheme suitable for multi-senders. By means of our key distribution/management strategy, this proposed scheme significantly reduces the size of evidence and the number of enciphering keys. In (c), we propose a cryptanalysis of Wu and Yeh''s conference key distribution system (CKDS). Then, we discuss two problems of Chen-Hwang''s CKDS and propose a functionally equivalent scheme to avoid these problems.Moreover, for the sake of practicability, we extend the modified Chen- Hwang''s scheme to have the property of attendance control. Finally, we propose a receipt-free voting scheme for the purpose of resolving process in a conference. Most existing electronic voting protocols provide each voter a receipt that permits a check as to whether his vote was counted. With this receipt, however, each voter can prove his voting choice and thus provides an opportunity for a malicious user (a briber) to buy the votes. To solve this problem, one has to use a receipt-free voting scheme. To summarize this dissertation, we have investigated in depth on many critical issues of communication protocols and proposed some topics for further research. Hwang Tzonelih 黃宗立 1998 學位論文 ; thesis 150 zh-TW |
collection |
NDLTD |
language |
zh-TW |
format |
Others
|
sources |
NDLTD |
author2 |
Hwang Tzonelih |
author_facet |
Hwang Tzonelih Wang, Chih-Hung 王智弘 |
author |
Wang, Chih-Hung 王智弘 |
spellingShingle |
Wang, Chih-Hung 王智弘 The Design and Analysis of Secure Communication Protocols for the Computer Network |
author_sort |
Wang, Chih-Hung |
title |
The Design and Analysis of Secure Communication Protocols for the Computer Network |
title_short |
The Design and Analysis of Secure Communication Protocols for the Computer Network |
title_full |
The Design and Analysis of Secure Communication Protocols for the Computer Network |
title_fullStr |
The Design and Analysis of Secure Communication Protocols for the Computer Network |
title_full_unstemmed |
The Design and Analysis of Secure Communication Protocols for the Computer Network |
title_sort |
design and analysis of secure communication protocols for the computer network |
publishDate |
1998 |
url |
http://ndltd.ncl.edu.tw/handle/40060635925750375201 |
work_keys_str_mv |
AT wangchihhung thedesignandanalysisofsecurecommunicationprotocolsforthecomputernetwork AT wángzhìhóng thedesignandanalysisofsecurecommunicationprotocolsforthecomputernetwork AT wangchihhung diànnǎowǎnglùānquántōngxùnxiédìngzhīshèjìyǔyánjiū AT wángzhìhóng diànnǎowǎnglùānquántōngxùnxiédìngzhīshèjìyǔyánjiū AT wangchihhung designandanalysisofsecurecommunicationprotocolsforthecomputernetwork AT wángzhìhóng designandanalysisofsecurecommunicationprotocolsforthecomputernetwork |
_version_ |
1716836709710168065 |
description |
博士 === 國立成功大學 === 資訊工程學系 === 86 === As computer networks prevail, communications between people
are becomingmore convenient than ever. With the progress of
National InformationInfrastructure (NII), many innovative
applications, such as internetshopping, teleconference, distance
learning , remote medical service, etc.,have been constructed
and many more are also on the way. We actually benefits from
these applications in daily life. However, the security problems
in the network, e.g., eavesdropping, tampering and
impersonation, should be carefully considered. An intruder can
easily manipulate important information and eventually the
society will suffer a lot if communications over the networks
fail to follow well-designed secure protocols. Identification
and key distribution have been the two fundamental issues of
secure communications. When a user wants to login to the server
or require the server to provide some services, the server must
verify the user''s identity. The purpose of identification is to
protect the right of legal user and guard against the
impersonation attacks. Previously, the password technology was
very popular. Nowadays, many new techniques such as IC card,
fingerprint, retinal analysis and human identification, have
been proposed to enhance the efficiency and security of the
systems. In addition, creating a secure channel in the open
network requires the key distribution procedure. Therefore,
designing an efficient and practical key distribution protocol
between two persons or groups, or in a conference, is critical.
This dissertation is divided into three parts: (a) the
communication security in personal communication, (b) the
communication security in group-oriented communication, and (c)
the communication security in teleconferencing. In (a), we
study the "Human Identification ", which is a scheme that the
computational complexity of the identification process for the
end user is bounded to the human''s ability. Such scheme has to
protect against the "replay attack" and "peeping attack". Here,
we have investigated the securityof human identification scheme
and proposed several attacks on it. In addition, we have
analyzed the key distribution scheme with "multiple
authentication servers", which was designed by Gong in 1993. A
modified scheme have been proposed to increase the performance.
In (b), we try to propose a new group-oriented cryptosystem and
a modified DSS threshold signature scheme. The former uses the
key exchange protocol of Diffie-Hellman to reduce the cost of
transmissions and computations. The latter modifies Langford''s
threshold DSS signature scheme to reduce the number of signers.
In addition, for the purpose of message authentication within a
group, we propose an unconditionally secure authentication
scheme suitable for multi-senders. By means of our key
distribution/management strategy, this proposed scheme
significantly reduces the size of evidence and the number of
enciphering keys. In (c), we propose a cryptanalysis of Wu
and Yeh''s conference key distribution system (CKDS). Then, we
discuss two problems of Chen-Hwang''s CKDS and propose a
functionally equivalent scheme to avoid these problems.Moreover,
for the sake of practicability, we extend the modified Chen-
Hwang''s scheme to have the property of attendance control.
Finally, we propose a receipt-free voting scheme for the purpose
of resolving process in a conference. Most existing electronic
voting protocols provide each voter a receipt that permits a
check as to whether his vote was counted. With this receipt,
however, each voter can prove his voting choice and thus
provides an opportunity for a malicious user (a briber) to buy
the votes. To solve this problem, one has to use a receipt-free
voting scheme. To summarize this dissertation, we have
investigated in depth on many critical issues of communication
protocols and proposed some topics for further research.
|